Vulnerabilities > Webspell > Webspell > 4.01.01

DATE CVE VULNERABILITY TITLE RISK
2009-06-04 CVE-2009-1912 Path Traversal vulnerability in Webspell
Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a ..
network
webspell CWE-22
6.8
6.8
2007-03-02 CVE-2007-1163 SQL Injection vulnerability in Webspell 4.0/4.01.00/4.01.01
SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783.
network
low complexity
webspell CWE-89
7.5
7.5
2006-10-18 CVE-2006-5388 SQL Injection vulnerability in WebSpell
SQL injection vulnerability in index.php in WebSPELL 4.01.01 and earlier allows remote attackers to execute arbitrary SQL commands via the getsquad parameter, a different vector than CVE-2006-4783.
network
low complexity
webspell
7.5
7.5